﻿// <author>Netmon Cipher Dev Team</author>
// <date>2009-07-16</date>
// <version>1.0</version>
// <summary>This contains the Netmon Filters.</summary>

namespace SSLDecryptionExpert
{
    using System;

    /// <summary>
    /// Netmon Filter Set class
    /// </summary>
    public class NMFilters
    {
        /// <summary>
        /// String to hold the Handshake type filtername.
        /// </summary>
        private string handshakeTypeFilter = string.Empty;

        /// <summary>
        /// variable to hold ContentType filtername.
        /// </summary>
        private string contentTypeFilter = string.Empty;

        /// <summary>
        /// string to hold selected cipher suite filter 
        /// </summary>
        private string cipherSuiteFilter = string.Empty;

        /// <summary>
        /// string to hold selected cipher suite filter for SSL 2.0 
        /// </summary>
        private string sslV2cipherSuiteFilter = string.Empty;

        /// <summary>
        /// string to hold Application data filter name.
        /// </summary>
        private string applicationDataFilter = string.Empty;

        /// <summary>
        /// string to hold randombytes filter of client.
        /// </summary>
        private string clientTimestampFilter = string.Empty;

        /// <summary>
        /// string to hold random bytes filter of client.
        /// </summary>
        private string clientRandomBytesFilter = string.Empty;

        /// <summary>
        /// string to hold session ID filter of client.
        /// </summary>
        private string clientSessionIdFilter = string.Empty;

        /// <summary>
        /// string to hold session ID filter of client.
        /// </summary>
        private string clientSessionLengthIdFilter = string.Empty;

        /// <summary>
        /// string to hold randombytes filter of server.
        /// </summary>
        private string serverTimestampFilter = string.Empty;

        /// <summary>
        /// string to hold random bytes filter of server.
        /// </summary>
        private string serverRandomBytesFilter = string.Empty;

        /// <summary>
        /// string to hold session ID filter of server.
        /// </summary>
        private string serverSessionIdFilter = string.Empty;

        /// <summary>
        /// string to hold client key exchange filter
        /// </summary>
        private string clientKeyExchangeFilter = string.Empty;

        /// <summary>
        /// string to hold change cipher filter of encrypted data
        /// </summary>
        private string changeCipherDataFilter = string.Empty;

        /// <summary>
        /// string to hold change cipher filter.
        /// </summary>
        private string changeCipherFilter = string.Empty;

        /// <summary>
        /// string to hold encrypted Application Data filter 
        /// </summary>
        private string encryptedAppDataFilter = string.Empty;

        /// <summary>
        /// String to hold finished message data when 
        /// Null cipher is selected.
        /// </summary>
        private string nullCipherFinishedFilter = string.Empty;

        /// <summary>
        /// String to hold Ldap encrrypted application data.
        /// </summary>
        private string ldapApplicationData = string.Empty;

        /// <summary>
        /// String to hold sslv2 ldap encrypted data.
        /// </summary>
        private string sslV2LdapApplicationData = string.Empty;

        /// <summary>
        /// string to hold sslV2 challenge data.
        /// </summary>
        private string sslV2ChallengeData = string.Empty;

        /// <summary>
        /// string to hold sslV2 Connection Id data.
        /// </summary>
        private string sslV2connectionId = string.Empty;

        /// <summary>
        /// string to hold sslV2 Client master key.
        /// </summary>
        private string sslV2ClientMasterKey = string.Empty;

        /// <summary>
        /// string to hold sslV2 encrypted data.
        /// </summary>
        private string sslv2EncryptedData = string.Empty;

        /// <summary>
        /// string to hold sslV2 key argument.
        /// </summary>
        private string sslV2KeyArgument = string.Empty;

        /// <summary>
        /// string to hold sslV2 padding value.
        /// </summary>
        private string sslv2PaddingValue = string.Empty;
        
        /// <summary>
        /// Initializes a new instance of the NMFilters class.
        /// </summary>
        public NMFilters()
        {
        }

        /// <summary>
        /// Initializes a new instance of the NMFilters class.
        /// </summary>
        /// <param name="version">
        /// Version to initialize filterset.
        /// </param>
        public NMFilters(string version)
        {
            string typePrefix = "SSL";
            bool SSLv2 = false;

            string[] elements = version.Split('.');
            foreach (string e in elements)
            {
                if (e.Contains("RecordLayer"))
                {
                    if (e.ToLower().Contains("ssl"))
                    {
                        typePrefix = "SSL";
                    }
                    else if (e.ToLower().Contains("tls"))
                    {
                        typePrefix = "TLS";
                    }
                }
                if (e.Contains("SslV2RecordLayer"))
                {
                    SSLv2 = true;
                }
            }

            this.cipherSuiteFilter =
            version + ".SSLHandshake.HandShake.ServerHello." + typePrefix + "CipherSuite";

            this.sslV2cipherSuiteFilter =
                version + ".ClientMasterKey.CipherSpec.CipherSpec";

            this.contentTypeFilter =
            version + ".ContentType";

            if (SSLv2)
            {
                this.handshakeTypeFilter =
                version + ".HandShakeMessageType";
            }
            else
            {
                this.handshakeTypeFilter =
                version + ".SSLHandshake.HandShake.HandShakeType";
            }

            this.applicationDataFilter =
            version + ".ApplicationData";

            this.clientTimestampFilter =
            version + ".SSLHandshake.HandShake.ClientHello.RandomBytes.TimeStamp";

            this.clientRandomBytesFilter =
            version + ".SSLHandshake.HandShake.ClientHello.RandomBytes.RandomBytes";

            this.clientSessionIdFilter =
            version + ".SSLHandshake.HandShake.ClientHello.SessionID";

            this.clientSessionLengthIdFilter =
            version + ".SSLHandshake.HandShake.ClientHello.SessionIDLength";

            this.serverTimestampFilter =
            version + ".SSLHandshake.HandShake.ServerHello.RandomBytes.TimeStamp";

            this.serverRandomBytesFilter =
            version + ".SSLHandshake.HandShake.ServerHello.RandomBytes.RandomBytes";

            this.serverSessionIdFilter =
            version + ".SSLHandshake.HandShake.ServerHello.SessionID";

            this.clientKeyExchangeFilter =
            version + ".SSLHandshake.HandShake.ClientKeyExchange";

            this.changeCipherDataFilter =
            version + ".SSLHandshake.EncryptedHandshakeMessage";

            this.changeCipherFilter =
            version + ".ChangeCipherSpec";

            this.encryptedAppDataFilter =
            version + ".ApplicationData.SSLApplicationData";

            this.nullCipherFinishedFilter =
            version + "SSL.SslRecLayer.SslV3RecordLayer.SSLHandshake";

            this.ldapApplicationData =
             version + ".ApplicationData.LDAPOverSSL.EncryptedData";

            this.sslV2LdapApplicationData =
                version + ".EncryptedData.LDAPOverSSL.EncryptedData";

            this.sslV2ChallengeData =
                version + ".Challenge";
            // BugBug: How did this ever work before?
            //this.sslV2ChallengeData =
            //    "Ethernet.Ipv4.Tcp.TCPPayload.TlsSslData.Ssl.SslV2RecordLayer.ClientHello.Challenge";
            this.sslV2connectionId =
                version + ".ServerHello.ConnectionID";

            this.sslV2ClientMasterKey =
                version + ".ClientMasterKey.EncryptedKey";

            this.sslV2KeyArgument =
                version + ".ClientMasterKey.KeyArgument";

            this.sslv2EncryptedData =
                version + ".EncryptedData.SSLApplicationData";

            this.sslv2PaddingValue =
                version + ".SslV2Header.Padding";
        }

        /// <summary>
        /// Gets HandshakeTypeFilter
        /// </summary>
        public string HandshakeTypeFilter
        {
            get
            {
                return this.handshakeTypeFilter;
            }
        }

        /// <summary>
        /// Gets ContentTypeFilter
        /// </summary>
        public string ContentTypeFilter
        {
            get
            {
                return this.contentTypeFilter;
            }
        }

        /// <summary>
        /// Gets CipherSuiteFilter
        /// </summary>
        public string CipherSuiteFilter
        {
            get
            {
                return this.cipherSuiteFilter;
            }
        }

        /// <summary>
        /// Gets SslV2cipherSuiteFilter
        /// </summary>
        public string SslV2cipherSuiteFilter
        {
            get
            {
                return this.sslV2cipherSuiteFilter;
            }
        }

        /// <summary>
        /// Gets ApplicationDataFilter
        /// </summary>
        public string ApplicationDataFilter
        {
            get
            {
                return this.applicationDataFilter;
            }
        }

        /// <summary>
        /// Gets ClientTimestampFilter
        /// </summary>
        public string ClientTimestampFilter
        {
            get
            {
                return this.clientTimestampFilter;
            }
        }

        /// <summary>
        /// Gets ClientRandomBytesFilter
        /// </summary>
        public string ClientRandomBytesFilter
        {
            get
            {
                return this.clientRandomBytesFilter;
            }
        }

        /// <summary>
        /// Gets ClientSessionID
        /// </summary>
        public string ClientSessionIdFilter
        {
            get
            {
                return this.clientSessionIdFilter;
            }
        }

        /// <summary>
        /// Gets ClientSessionLengthID
        /// </summary>
        public string ClientSessionLengthIdFilter
        {
            get
            {
                return this.clientSessionLengthIdFilter;
            }
        }

        /// <summary>
        /// Gets ServerTimestampFilter
        /// </summary>
        public string ServerTimestampFilter
        {
            get
            {
                return this.serverTimestampFilter;
            }
        }

        /// <summary>
        /// Gets ServerRandomBytesFilter
        /// </summary>
        public string ServerRandomBytesFilter
        {
            get
            {
                return this.serverRandomBytesFilter;
            }
        }

        /// <summary>
        /// Gets ServerRandomBytesFilter
        /// </summary>
        public string ServerSessionIdFilter
        {
            get
            {
                return this.serverSessionIdFilter;
            }
        } 

        /// <summary>
        /// Gets ClientKeyExchangeFilter
        /// </summary>
        public string ClientKeyExchangeFilter
        {
            get
            {
                return this.clientKeyExchangeFilter;
            }
        }

        /// <summary>
        /// Gets Change Cipher Data Filter
        /// </summary>
        public string ChangeCipherDataFilter
        {
            get
            {
                return this.changeCipherDataFilter;
            }
        }

        /// <summary>
        /// Gets ChangeCipherFilter
        /// </summary>
        public string ChangeCipherFilter
        {
            get
            {
                return this.changeCipherFilter;
            }
        }

        /// <summary>
        /// Gets Encrypted App Data Filter
        /// </summary>
        public string EncryptedAppDataFilter
        {
            get
            {
                return this.encryptedAppDataFilter;
            }
        }

        /// <summary>
        /// Gets Null Cipher Finished Data Filter
        /// </summary>
        public string NullCipherFinishedFilter
        {
            get
            {
                return this.nullCipherFinishedFilter;
            }
        }

        /// <summary>
        /// Gets Ldap Encrypted App Data Filter
        /// </summary>
        public string LdapApplicationData
        {
            get
            {
                return this.ldapApplicationData;
            }
        }

        /// <summary>
        /// Gets Ldap Encrypted App Data Filter
        /// </summary>
        public string SSLv2LdapApplicationData
        {
            get
            {
                return this.sslV2LdapApplicationData;
            }
        }

        /// <summary>
        /// Gets ssl V2 challenge Data.
        /// </summary>
        public string SslV2ChallengeData
        {
            get
            {
                return this.sslV2ChallengeData;
            }
        }

        /// <summary>
        /// Gets ssl V2 connectionId.
        /// </summary>
        public string SslV2connectionId
        {
            get
            {
                return this.sslV2connectionId;
            }
        }

        /// <summary>
        /// Gets ssl V2 Client Master Key.
        /// </summary>
        public string SslV2ClientMasterKey
        {
            get
            {
                return this.sslV2ClientMasterKey;
            }
        }

        /// <summary>
        /// Gets ssl V2 Key argument
        /// </summary>
        public string SslV2KeyArgument
        {
            get
            {
                return this.sslV2KeyArgument;
            }
        }
        
        /// <summary>
        /// Gets ssl V2 Padding Value.
        /// </summary>
        public string Sslv2PaddingValue
        {
            get
            {
                return this.sslv2PaddingValue;
            }
        }
        
        /// <summary>
        /// Gets ssl V2 encrypted Data.
        /// </summary>
        public string SslV2EncryptedData
        {
            get
            {
                return this.sslv2EncryptedData;
            }
        }
    }
}
